1. March 2005 1R. Smith - University of St Thomas - Minnesota CISC 210 - Class Today Going over the HomeworkGoing over the Homework RecapRecap What’s on the exam?What’s on the exam? Question TopicsQuestion Topics Example QuestionsExample Questions

2. March 2005 2R. Smith - University of St Thomas - Minnesota Homework E6 – Key: Bob, the process, the key in RAME6 – Key: Bob, the process, the key in RAM –Plaintext: the process, the plaintext file E7 – Two ‘real’ pro and con argumentsE7 – Two ‘real’ pro and con arguments –“Encryption” is not an argument in favor of encryption –“Vulnerable to attack” is arguably true about anything E8-E11: One-time pad arithmeticE8-E11: One-time pad arithmetic –If you have a 10 digit text and 10 digit key, you get 10 digits out E12-17: SpreadsheetE12-17: Spreadsheet

3. March 2005 3R. Smith - University of St Thomas - Minnesota Recap Block CiphersBlock Ciphers Block Cipher ModesBlock Cipher Modes Group Problem Solve – Block CiphersGroup Problem Solve – Block Ciphers Volume EncryptionVolume Encryption

4. March 2005 4R. Smith - University of St Thomas - Minnesota Exam Format Closed Book – no book, actuallyClosed Book – no book, actually I will provide equations and lists of things, but I expect you to know how to use them!I will provide equations and lists of things, but I expect you to know how to use them! Write up a sheet of notes to bring along if you wish.Write up a sheet of notes to bring along if you wish.

5. March 2005 5R. Smith - University of St Thomas - Minnesota What the Exam Covers Chapter 1 – Six phase processChapter 1 – Six phase process –Identifying assets and risks; Prioritizing risks Chapter 2 – Processes and access controlChapter 2 – Processes and access control –Control and data sections; access matrix; access diagram Chapter 3 – File access controlChapter 3 – File access control –Simple (Unix) permissions; access control lists Chapter 4 – Authentication and passwordsChapter 4 – Authentication and passwords –3 authentication factors, average attack space –Building blocks: randomness, one-way hash Chapter 5 plus – EncryptionChapter 5 plus – Encryption –Crypto building blocks: PRNGs, XOR, nonces –Block encryption, block cipher modes

6. March 2005 6R. Smith - University of St Thomas - Minnesota What you should remember Access matrix vs. diagramAccess matrix vs. diagram –How to convert from one to the other File access controlFile access control –Given some policy guidance, specify the permissions –Difference between & use of basic permissions, groups, ACLs Average attack space vs. number of keysAverage attack space vs. number of keys –Average is half of total number – may be scaled by likelihood Three authentication factors Three authentication factors –Something you are, you have, you know Use of crypto building blocksUse of crypto building blocks –Effect of xor, one-way hash, block cipher encryption –Limitations of these

7. March 2005 7R. Smith - University of St Thomas - Minnesota Question Topics, I Question Topics, I Security Process and RisksSecurity Process and Risks –Describe a scenario in terms of the six security phases I provide the scenario and list the phasesI provide the scenario and list the phases Talk of what did happen, not what should have happenedTalk of what did happen, not what should have happened –Do a simple risk analysis to prioritize some risks I provide some numbersI provide some numbers You do the analysis and tell me the answerYou do the analysis and tell me the answer Access controlAccess control –Given an access matrix, draw the diagram Or vice versa: given the diagram, fill in the matrixOr vice versa: given the diagram, fill in the matrix Elements for every item (file, data section)Elements for every item (file, data section) Elements for every actor (process, user)Elements for every actor (process, user) Permissions: read, write, executePermissions: read, write, execute

8. March 2005 8R. Smith - University of St Thomas - Minnesota Question Topics, II Access ControlAccess Control –Given a policy, specify the access rights Use groups to separate non-owners from “everyone”Use groups to separate non-owners from “everyone” Use basic permissions for 1 owner+1 groupUse basic permissions for 1 owner+1 group Use ACLs if there are too many people and/or groupsUse ACLs if there are too many people and/or groups –Given some access rights, or a diagram, answer some questions Does user X have the right to do Y? Who can modify the file?Does user X have the right to do Y? Who can modify the file? AuthenticationAuthentication –Identify the factors used by real-word authentication examples –Calculate average attack space

9. March 2005 9R. Smith - University of St Thomas - Minnesota Question Topics, III Crypto ImplementationCrypto Implementation –Explain how a Trojan horse can steal unencrypted data –Given a diagram, show where keys and plaintext are MS Windows ‘encryption’MS Windows ‘encryption’ File encryption programFile encryption program Encrypting device driver (TrueCrypt)Encrypting device driver (TrueCrypt) Crypto Building BlocksCrypto Building Blocks –Given # of key bits, find # of keys, or the average attack space Know the difference/relationship between themKnow the difference/relationship between them –Identifying matching keystreams; role of the nonce –Error propagation, like we did in class the other day

10. March 2005 10R. Smith - University of St Thomas - Minnesota Sample Questions Scenario and 6 phases: I35W bridgeScenario and 6 phases: I35W bridge Risk trade-offRisk trade-off –“Back room” computer at a restaurant Access matrix example: diagram or tableAccess matrix example: diagram or table –2-3 processes with some shared RAM Given a policy, specify access controlGiven a policy, specify access control –Access to nobody except 2 people –Read Access to all, full access to 2 people and separate group Authentication factors in...Authentication factors in... Crypto diagrams (see last slide)Crypto diagrams (see last slide)

11. March 2005 11R. Smith - University of St Thomas - Minnesota Building Block: PRNG Design Use a one-way hash function, give it feedbackUse a one-way hash function, give it feedback InputsInputs –First time, use the seed or key as the input –All future times, use the previous output value as the input OutputOutput –For each call, the resulting hash value is the next block of output One-way hash Random input The ‘seed’ or ‘key’ The output or “keystream”

12. March 2005 12R. Smith - University of St Thomas - Minnesota Building Block: Stream Cipher Design One-way hash generates the keystreamOne-way hash generates the keystream –Key serves as PRNG “seed” –Plaintext XORs with the ciphertext –Cisco uses this in TACACS products Decryption is roughly identicalDecryption is roughly identical –Swap plaintext and ciphertext – still uses XOR One-way hash Key Plaintext Ciphertext

13. March 2005 13R. Smith - University of St Thomas - Minnesota Building block: one-way hash Hash “compresses” the phraseHash “compresses” the phrase –The same passphrase always yields the same encryption key To invert: exchange encryption/decryptionTo invert: exchange encryption/decryption

14. March 2005 14R. Smith - University of St Thomas - Minnesota Building block: Nonce To reverse, extract nonce from the ciphertextTo reverse, extract nonce from the ciphertext Reconstruct hash from remembered phraseReconstruct hash from remembered phrase

15. March 2005 15R. Smith - University of St Thomas - Minnesota Error propagation in straight block cipher Everything happens a block at a timeEverything happens a block at a time To reverse, just change encryptions to decryptions, plaintexts to ciphertexts, etc.To reverse, just change encryptions to decryptions, plaintexts to ciphertexts, etc.

16. March 2005 16R. Smith - University of St Thomas - Minnesota Error propagation in OFB mode The key doesn’t depend on the dataThe key doesn’t depend on the data –One bit affected for every bit changed To encrypt, swap plaintext and ciphertextTo encrypt, swap plaintext and ciphertext –Like any stream cipher

17. March 2005 17R. Smith - University of St Thomas - Minnesota Error propagation in CTR The cipher stream is independent of the dataThe cipher stream is independent of the data Changes and errors are bit-by-bitChanges and errors are bit-by-bit To invert, swap ciphertext and plaintextTo invert, swap ciphertext and plaintext

18. March 2005 18R. Smith - University of St Thomas - Minnesota Error Propagation in CBC The data actually affects the crypto streamThe data actually affects the crypto stream Error in ciphertext propagatesError in ciphertext propagates –Current block is completely hashed; plus one bit in next block

19. March 2005 19R. Smith - University of St Thomas - Minnesota Creative Commons License This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by- sa/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.